Headhunting firm Manpower yesterday confirmed it notified 144,189 people of a December 2024 data breach that compromised their personal information.
Manpower has not publicly disclosed what types of data were affected. It is offering victims free credit monitoring and identity theft protection, which usually implies that Social Security numbers and/or other data that could be used for identity theft were compromised.
Ransomware gang RansomHub in January 2025 took credit for the attack, saying it stole 500 GB of data from Manpower.
Manpower has not verified RansomHub’s claim. We do not know if Manpower paid a ransom, how much RansomHub demanded, or how attackers breached Manpower’s network. Comparitech contacted Manpower for comment and will update this article if it replies.
“On January 20, 2025, we experienced an IT outage that disrupted access to certain local systems,” Manpower says in its notice to victims. “Through that investigation, we learned of information suggesting that an unknown actor gained unauthorized access to our network between December 29, 2024 and January 12, 2025 and potentially acquired certain files, some of which may have contained certain individuals’ personal information.”
Manpower is offering eligible victims 12 months of credit monitoring and $1 million in identity theft insurance through Equifax.
Who is RansomHub?
RansomHub is a cybercriminal group that runs a ransomware-as-a-service business in which affiliates pay to use the group’s malware and infrastructure to launch their own attacks and collect ransoms. RansomHub has been behind high-profile attacks on large businesses and organizations. It first started posting organizations it hacked to its leak site in February 2024.
Since then, RansomHub has taken credit for 152 confirmed ransomware attacks compromising 6.8 million records in total. It made another 615 unconfirmed attack claims that haven’t been publicly acknowledged by the targeted organizations.
The attack on Manpower is RansomHub’s seventh-largest breach to date based on the number of compromised records. RansomHub’s largest claims include:
- Rite Aid notified 2.2 million people of a June 2024 data breach
- Patelco Credit Union notified 1 million people of a June 2024 data breach
- Park’N Fly notified 1 million people of a July 2024 data breach
- Frontier Communications notified 752,000 people of an April 2024 data breach
- Florida Department of Health notified 730,000 people of an April 2024 data breach
- American Clinical Solutions notified 300,000 people of a May 2024 data breach
RansomHub stopped adding new attack claims to its site in March 2025, suggesting the gang might no longer be active.
Ransomware attacks on US organizations
Comparitech researchers logged 849 confirmed ransomware attacks on US organizations in 2024, compromising 276.4 million records. In 2025 to date, we’ve recorded 251 attacks compromising 9.8 million records.
In another recent attack, Daniels Law Group notified 5,199 people of a June 2025 data breach claimed by ransomware group Qilin.
Ransomware groups made another 2,006 unconfirmed claims in 2024 and 1,926 claims in 2025. These claims haven’t been publicly acknowledged by the targeted organizations.
Ransomware attacks can both steal data and lock down computer systems. Infected organizations must either pay a ransom or face extended downtime, permanent data loss, and putting customers at increased risk of fraud.
About Manpower
Manpower is a headhunting firm that works with 14,000 small- to mid-size organizations, has 83,000 associates, and has placed 30,000 people in jobs, according to its website. The company operates branches in Adrian, MI; Aiken, SC; Albany, NY; Albert Lea, MN; Albuquerque, NM; Alexandria, LA; Alexandria, MN; and Altamonte Springs, FL.
The data breach notice submitted to the Maine Attorney General specifically mentions Manpower of Lansing, Michigan, but lists New York as the company’s state.
